harbar.net component based software & platform hygiene
SharePoint 2010

SharePoint 2010

Configuring Kerberos Constrained Delegation with Protocol Transition and the Claims to Windows Token Service using Windows PowerShell

Recently I’ve done a few pieces of work with SharePoint 2013 Business Intelligence and I have also delivered the “legendary”* Kerberos and Claims to Windows Service talk a few times this year. This reminded me to post my Windows PowerShell snippets for the required Active Directory configuration. This topic area is perhaps one of the most misunderstood areas of SharePoint Server, and there is an utterly staggering amount of misinformation, out of date information, single server documentation and good old fashioned 100% bullshit out there. That’s a surprise with SharePoint stuff, huh? Every guide or document out there...

Updated ULS Viewer

If you haven’t already grabbed it, just a quick note to let you know that Microsoft put an update of the ULS Viewer tool out recently. For quite a while the tool had been removed from code.msdn.microsoft.com and those who had “lost” a copy had to resort to annoying others to get it. ULS Viewer, as I’ve written previously is an essential tool for working with SharePoint.  The new version has a number of tweaks including viewing across a farm, rather than manually having to configure that up. Go get it! ULS Viewer download Bill’s post...

Antivirus and SharePoint 2013

With the discontinuation of Forefront Protection for SharePoint, Microsoft no longer provides a streaming antivirus solution for SharePoint. This has lead to an ever increasingly common customer question, “what do I use for SharePoint antivirus?”. This post aims to detail the options (right now there is only one) as opposed to answering the question repeatedly. It is NOT intended to be a discussion on why you need a streaming antivirus solution for SharePoint, which is potentially a post for another day. For now, assume you have that requirement, so what are the options? SharePoint 2013 introduces NO CHANGES to...

Seventh edition of the free DIWUG SharePoint Magazine

The best free SharePoint magazine published online, the DIWUG SharePoint e-Magazine, have released their seventh edition. As usual this is a great edition with a mix of articles written by SharePoint community members. I contributed a two part article series, of which part two is featured in this magazine: Real World Service Application federation with SharePoint 2010 Part Two In the 6th edition of DIWUG eMagazine (#6) Part One of this article covered the basic capability of Service Application Federation along with the required configuration. Following on from part one,...

The SharePoint Evolution Conference returns to London in April 2013

Phew! Is it really two months since we wrapped up the International SharePoint Conference back in April? It was a great privilege to work with Combined Knowledge, Steve Smith and the world class speaker team. The fantastic response we received from attendees, sponsors and the wider community makes the hard work and long hours justified. Overall the new event format worked very well, and there were no logistical or technical disasters. Of course there is significant room for improvement in the future and community feedback has been greatly received. Additional follow up materials from the conference are forthcoming and you...

User Profile Service Application Sync Database Maintenance with the February 2012 Cumulative Update

Since the release of SharePoint Server 2010, the maintenance of the User Profile Service Application (UPA) Sync DB has been extremely problematic. I’m not talking about “standard” database maintenance tasks here, you know those routine tasks you should be performing on your environment but that seldom are implemented by those running operational service :). This is all about the Sync DB retaining data that it shouldn’t. There is quite a lot of confusion out there surrounding this topic in general and it has certainly hit a lot of customers, hard. The fundamental issue stems from the choice of the...

What Every SharePoint Admin Needs to Know About Host Named Site Collections

My buddy and all round decent bloke, Kirk Evans, a PFE from Texas way has put together a great blog post on Host Named Site Collections (HNSC) in SharePoint 2010. This should be considered essential reading for SharePoint infrastructure types (IT Pros as Microsoft so offensively buckets them :)). HNSC are often referred to as Host header site collections, and are greatly misunderstood by the field at large. Indeed some SharePoint “experts” have recently made some rather silly statements about them, suggesting they should be avoided. Admittedly many moons ago there were statements about that from Microsoft...

Sixth edition of the free DIWUG SharePoint Magazine

The best free SharePoint magazine published online, the DIWUG SharePoint e-Magazine, have released their sixth edition. As usual this is a great edition with a mix of articles written by SharePoint community members. I contributed a two part article series, of which part one is featured in this magazine: Real World Service Application federation with SharePoint 2010 Part One One of the most powerful new infrastructure capabilities in SharePoint Server 2010 is that of Service Application Federation. Enabled by the new Service Application ...

The iPad Invasion: Leveraging SharePoint for Mobile Enterprise Security

iThings – they are everywhere, you know it and I know it! There’s not been a enterprise SharePoint deployment I’ve been involved with over the last 18 months where the topic hasn’t reared it’s head. Finally someone has a decent toolset that actually considers business requirements rather than just hype. Check out this upcoming webcast around the area for more details: The iPad invasion is here, ready or not. Used for an increasingly wide range of business applications, iPads can be found at every level, from executives to assistants, board members to sales teams. ...

Mirroring the Profile and Social databases *IS* 100% supported

As a small but significant follow up to my UPA session at the SharePoint Conference in Anaheim last month, is that yesterday we pushed out an update to the Database types and descriptions article on TechNet to finally detail that synchronous mirroring of the Social database IS 100% supported. As already detailed in this document, the Profile database already supported synchronous mirroring. That leaves the Sync database, which if you were paying attention in the session we really don’t care about in terms of “HA” or “DR”. Not perfect by a long shot but you can now officially...

Scripts from my SharePoint Conference Sessions

As promised during my sessions at the SharePoint Conference in Anaheim last week, here are the Windows PowerShell scripts demonstrated. Please note that these scripts are direct copies of those on my Virtual Machines. You *will* need to tweak them for use on your environments, and remember they are authored for the purposes of demonstration! If you wish to take pieces of them to use in a real deployment, they will need some work. The scripts are provided as is, without any warranties! You know the score. SPC407: Enterprise Deployment Considerations for the User Profile Service Application. ...

Simply must have IT Pro Resources for SharePoint Server 2010

SharePoint Conference 2011 is in full effect here in sunny Anaheim, CA. Following this morning’s keynote it is worth pointing you in the direction of a couple absolute must haves which were released today as part of the overall festivities. First up is the Scale Test Report for Very Large Scale Document Repositories white paper which describes the design and implementation of a 120 million (count em) item, 30Tb farm – the same farm that was used in the keynote HA demo. The number of times I’ve had to discuss “scalability limits” of SharePoint with customers is frightening, and...

SharePoint Pod Show: MCM, Top 3 mistakes, and User Profile Sync discussion

Was chatting to my buddy Rob Foster recently and he was slagging me off for not pointing to the SharePoint Pod Show we recently recorded. So here for you listening pleasure (ahem!) is a discussion about the MCM program, some classic mistakes for SharePoint deployments and even a little bit of cricket! SharePoint MCM, Top 3 mistakes, and User Profile Sync discussion with Spencer Harbar-Episode 63   .

SharePoint 2010 Advanced Infrastructure Administrator - 29th August–2nd September, Auckland, NZ

After Tech Ed New Zealand, I’ll be hanging back in Auckland with my good buddy Steve Smith to deliver the Combined Knowledge SharePoint 2010 Advanced Infrastructure Administrator course. This is by no means your regular SharePoint admin training. According to the blurb, “This is a once in a lifetime opportunity to learn from two of the most experienced SharePoint experts in the World today and take your SharePoint knowledge to the next level!” It’s always great fun to work with Steve, and I’m looking forward to delivering this material, which steps away from the usual SharePoint featurisms and...

Summer and Autumn Speaking Engagements

It’s that time again folks, Conference craziness season is back with a vengeance after the summer. When is it *not* conference season I hear you chuckle! Anyways, I have the privilege of speaking at a number of events between now and the end of the year. It’s always a great deal of fun to meet folks at conferences and hear about their SharePoint experiences. I look forward to seeing you one of the following events.   TechReady 13 25-29 July - Seattle, WA http://www.mytechready.com/ This event is for Microsoft employees only....

Managing Sync Connections with *-SPProfileSyncConnection cmdlets in Service Pack 1

One of the most common conversations I have with customers, partners and random SharePoint consultants is around the creation of SharePoint Server 2010 User Profile Synchronization Connections. These guys are the key link, or connection string if you will between the User Profile Service Application (UPA) and the connected directory services. A very common complaint is the inability to automate their creation using Windows PowerShell. The good news is that Service Pack 1 (SP1) introduces a couple of new cmdlets which help in this regard. This post looks at these cmdlets and also details why they might not be all...

User Profile Synchronization Service changes in the June 2011 Cumulative Updates

One of the most common complaints about the User Profile Synchronization service in SharePoint Server 2010 is the time it takes to perform synchronization runs or “sync” for short. This is due to a number of factors not least of which is that by leveraging Forefront Identity Manager (FIM) SharePoint now effectively includes a metadirectory. This is a good thing. However if you are just doing import then there is a huge increase in the time it takes over previous versions which were simply performing an ADSI query and inserting the results into a database. It’s very important to...

It’s all about relevance. The *-SPProfileLeader Windows PowerShell cmdlets in SharePoint Server 2010 SP1

You may have noticed a few new Windows PowerShell cmdlets included with SharePoint Server 2010 Service Pack 1 (SP1), Get-SPProfileLeader, Add-SPProfileLeader & Remove-SPProfileLeader. These cmdlets are causing a little bit of confusion, so this short post explains them and the problem they are intended to address. First up, they have absolutely nothing whatsoever to do with Organizational Profiles. The term “leader” here is somewhat misleading (no pun intended!). What this is all about is User Profiles and People Search Relevance. One of the key pieces of data that SharePoint Server Search uses to drive relevance in people...

Changes to Social Computing features in SharePoint Server 2010 Service Pack 1

One of the best new feature areas of SharePoint Server 2010 was the social computing capabilities delivered by the User Profile Service (UPA). Tags, Ratings, Activities as well as enhancements to the My Sites infrastructure allow enterprises to deliver rich “social” applications with the out of the box capabilities. Furthermore by using these features as building blocks a new class of composite social applications have become possible, enabling the enterprise to leverage social computing for both business benefit and end user happiness. Of course, as with many aspects of SharePoint 2010, with great power comes the need for responsibility...

So What the Fuss? - Service Pack 1 and June 2011 CU for SharePoint 2010

As I’m sure you are all aware, a couple of days ago Microsoft released Service Pack 1 (SP1) for SharePoint 2010. On the same day the bi-monthly Cumulative Update (CU) – the June 2011 CU - was released. Service Pack 1 of course has been hotly anticipated both by the community and customers alike. Unfortunately these releases have caused mass confusion and much contradictory advice regarding the packages and their installation. This post is simply an attempt to reduce the amount of questions I receive about this topic, or rather have something I can point people to when they...

Upcoming Speaking Events

I have the privilege of speaking at the following SharePoint events over the next couple of months. Looking forward to meeting everyone, if you are attending, drop by and say hello!   SharePoint Saturday Holland 26th March 2011, Utrecht, Netherlands I’ve done a couple of SharePoint Saturday events before, but only as a “virtual” presenter, this will be the first time I’ll actually be at the event. I’ll be presenting my increasingly popular Rational Guide to User Profile Synchronization session. More details.   European SharePoint Best Practices Conference 11th –...

Decent SharePoint Books!!!!

I’m frequently asked for SharePoint book recommendations. This is tricky because from my point of view most of them are rubbish. The publisher driven gold rush to get titles on the shelf on or around the release of a product really is very bad from a quality perspective. The amount of misinformation in SharePoint 2010 books in particular is outstanding. The good news is that things are beginning to get back on kilter and there have recently been some excellent books released. Here’s a very mini review of some quality titles recently published.   Professional Business...

Creating User Profile Synchronization Exclusion Filters using the userAccountControl attribute

Planning and implementing Exclusion Filters for SharePoint Server 2010 User Profile Synchronization (UPS) is without doubt one of the most important aspects of any UPS deployment. By making use of Exclusion Filters we can narrow down the objects we sync with. Exclusion Filters reduce the amount of “junk” in the Profile database and can significantly decrease the time taken to perform synchronization runs. I will be posting more about Exclusion Filters in general soon, but for this post I will concentrate on the most commonly used filter – that of the userAccountControl attribute in Active Directory. This is by...

Article: SharePoint Server 2010 User Profile Synchronization with Novell eDirectory 8.8 SP6

It’s been brought to my attention recently that you all love the User Profile Synchronization service instance in SharePoint Server 2010! :). So much so in fact, that one of the most common requests I get is for more articles on this topic, and in particular details on syncing with directory systems other than Active Directory. There is very little documentation about syncing with Novell eDirectory. Unfortunately at present TechNet only provides cursory information regarding permissions, and the early White Paper is extremely weak. Neither provide the necessary details to get it running. This article will walk through the steps needed to...

Account Deletion and SharePoint 2010 User Profile Synchronization

Recently I’ve been asked a number of times about what happens to accounts deleted from Active Directory with respect to SharePoint 2010 User Profiles, and the User Profile Synchronization service instance. Unfortunately this pretty much isn’t documented at all, and furthermore there is quite a lot of incorrect information and assumptions about this area. There is plenty on how SharePoint 2007 handled things of course, but as regular readers (all two of them) will know, things are mighty different in 2010. The good news is that things are pretty straightforward and this post will walk through the important details. Let’s take...

Critical Information about the SharePoint Server 2010 October 2010 Cumulative Update

From the SharePoint Team Blog: Microsoft has discovered a critical issue in the recently released October Cumulative Updates for SharePoint Server 2010 and Project Server 2010, and we have removed the files from download availability.  If you have already downloaded the CU, do not install it. If you have installed the CU, please contact Microsoft Support for assistance.  We will be posting additional information about the issue here as soon as we have it, and will make the Cumulative Update available for download again as soon as the issue has been fully resolved. Pretty...

Avoiding the Default Schema issue when creating the User Profile Service Application using Windows PowerShell

As you may already be aware there is a bug when creating the User Profile Service Application (UPA) using Windows PowerShell. This bug prevents the provisioning of the User Profile Synchronization service instance (UPS). In a nutshell, when using Windows PowerShell to create a UPA the Default Schema of the Farm Account on the Sync DB is set incorrectly, and this will lead to an error during provisioning of the UPS later. The following error will be logged to the Application Event Log: “IF EXISTS (SELECT * FROM sys.xml_schema_collections c, sys.schemas s WHERE c.schema_id =...

ULSViewer – the tool that NO SharePoint practitioner should be without

I am frequently surprised (I know, I shouldn’t be really) just how few SharePoint people know about ULSViewer. Often times someone will be complaining about an error they are experiencing, the conversation goes something like this: SPDude, “Hey man, I’ve got a problem with my SharePoint” Me, “Don’t we all buddy,  it’s installed isn’t it… but what’s your problem exactly?” SPDude, “Well when I click on the widget and attempt to configure the coolness, I get ‘an unexpected error has a occurred’” Me, “OK, widget coolness can...

Article: “Stuck on Starting”: Common Issues with SharePoint Server 2010 User Profile Synchronization

Back about a week after RTM of SharePoint 2010 I published my Rational Guide to implementing SharePoint Server 2010 User Profile Synchronization. This was actually written up long before RTM and was doing the rounds among a circle of SharePoint “insiders”. I then tweaked it for RTM and pushed it out immediately after the SharePoint Evolutions Conference, where I had demoed live the steps. Amazingly, this article has already been viewed over 260,000 times! An incredible response. Of course the Microsoft documentation in this area is weak at present, and UPS is what you could call a “rough edge” of...

Rational Guide to Multi Tenancy with SharePoint 2010, Part Six: Provisioning Tenants

This, the sixth part of the Rational Guide article on multi tenancy, will walk through the creation of feature packs and the provisioning of Tenants for the sample scenario detailed in part three. Provisioning Tenants If you haven’t checked out the previous parts, I strongly encourage you to review them. I won’t repeat information and I assume you have read the previous parts, which are: Feature and Capability Overview Planning your Deployment Example Scenario and what Multi Tenancy brings to the party Configuring...

SharePoint Connections, The Hague, 28 & 29th September

I have the privilege of speaking at the upcoming SharePoint Connections conference in the very pleasant indeed city of Den Haag (The Hague). The event is being held on 28th and 29th September, and you can find out full details and register at http://www.devconnections.com/speurope/. I will be delivering the following breakouts: MIT03: Lessons Learned and Best Practices from Enterprise Deployments of SharePoint This session covers the lessons learnt by early enterprise deployments of SharePoint Server 2010. Focusing on SharePoint 2010 specifics, the session will detail these lessons along with...

Rational Guide to Multi Tenancy with SharePoint 2010, Part Five: Creating Partitioned Service Applications

This, the fifth part of the Rational Guide article on multi tenancy will walk through the creation of the partitioned service applications and the starting of their related service instances for the sample scenario detailed in part three. 5. Creating Partitioned Service Applications If you haven’t checked out the previous parts, I strongly encourage you to review them. I won’t repeat information and I assume you have read the previous parts, which are: Feature and Capability Overview Planning your Deployment Example Scenario and what Multi Tenancy...

Rational Guide to Multi Tenancy with SharePoint 2010, Part Four: Configuring the base infrastructure

This, the fourth part of the Rational Guide article on multi tenancy will start to walk through the configuration of the sample scenario detailed in the previous part. This is where we get into the meat of things. 4. Configuring the base Infrastructure If you haven’t checked out the previous parts, I strongly encourage you to review them. I won’t repeat information and I assume you have read the previous parts, which are: Feature and Capability Overview Planning your Deployment Example Scenario and what Multi Tenancy...

SharePoint Best Practices Conference, Washington DC, August 24-27

I’m honoured once again to be speaking at the Best Practices Conference, which is taking place in Washington D.C. August 24th thru 27th. The Best Practices Conference is easily the best non Microsoft SharePoint event, and the speaker line up is excellent. If you are implementing SharePoint 2010, you don’t want to miss this show. This year, I’m leading up the Keynote: What the Masters think About SharePoint 2010, which will feature five fellow MCMs all of whom do not work for Microsoft. I will also be presenting the following breakouts, all with updated new content specifically for...

Contest: Win a Visual Studio 2010 Ultimate with MSDN subscription

[Update 13/09/2010] Comments are now closed on this post. I will reveal the winner over the next week or so. I’m giving away a one year Visual Studio 2010 Ultimate with MSDN subscription. It’s worth quite a lot of money, but more importantly you get all the software you could possibly want to help you build your solutions. The contest is very simple. Just suggest a topic for a future article here. The rules are: Open only to non Microsoft Employees and non MVPs You must post your suggestion here using a comment. No email, no...

Thoughts on the Microsoft Certified Master for SharePoint 2010

It’s been a bit quiet here recently, one of the reasons for that is I recently attended the first rotation of the Microsoft Certified Master for SharePoint 2010. A number of people have requested that I post my thoughts on this and address some common questions about the certification. Before I get started, I must include another Thrilleresque disclaimer. I am part of the team that produced the MCM for SharePoint 2010. I am an instructor and content owner for six modules. Therefore I have an obvious vested interest in the program. However, this doesn’t change the fact that...

Article: Rational Guide to Multi Tenancy with SharePoint 2010, Part Three: Example Scenario and what Multi Tenancy brings to the party

This, the third part of the Rational Guide article on multi tenancy walks through the example scenario which future articles use to show how to build out the multi tenant capabilities of SharePoint Server 2010. I will also highlight the key features in action, providing an overview of what multi tenancy brings to a SharePoint 2010 deployment. If you haven’t checked out the previous parts, I strongly encourage you to review them. I won’t repeat information and I assume you have read the previous parts, which are: Feature and Capability Overview Planning...

Article: Rational Guide to Multi Tenancy with SharePoint 2010, Part Two: Planning your Deployment

In the first part of my Rational Guide to Multi Tenancy with SharePoint 2010 article, I walked through the problem space and discussed the features of SharePoint 2010 that enable multi tenant environments. This can be seen as the “overview” (or perhaps “marketing” :)). As promised this is part two, the idea of which is to walk through how to set it all up along with some general recommendations. Now, as much as I wanted to post this as a single article, it’s just too big. There’s too much to discuss and there’s way too much script. I’m not...

Create your own SharePoint Server 2010 RTM Virtual Machine - The Complete Guide

Since the release of SharePoint 2010, one of the most common questions I get is “what is the best way to get up and running to be able to play around”. Microsoft of course offer a pre-canned VM which is an excellent resource for partners for sales purposes. But if you are a little more technical, you probably want to set it up yourself. Here is THE GUIDE for doing this, hot off the press from the folks at Critical Path: ***NOW AVAILABLE*** Create your own SharePoint Server 2010 RTM Virtual Machine - The Complete Guide Enjoy!

Article: Rational Guide to Multi Tenancy with SharePoint 2010

This second article in my Rational Guide series focuses on the capabilities in SharePoint 2010 which enable the delivery of hosting environments. Hosting is finally a first class citizen in SharePoint 2010, however there isn’t a great deal of material out there on this subject. This article will: walk through the problem space discuss the features of SharePoint 2010 that enable multi-tenant environments provide a step by step guide to setting it all up give general recommendations for those looking to deliver hosting platforms...

Adding SharePoint 2010 PoweShell cmdlets to your PowerShell ISE

PowerShell for SharePoint 2010 rocks. No, really it does. You hate it at first, but then it’s all pure goodness. But boy, does the UI SUCK! Crap for productivity, crap for demos, just about crap for anything other than lame jokes about old skool shell scripting. Sure, there are funky PowerShell GUIs out there, but they appear to cost money. The good news is Windows ships with it’s own IDE. This thing is called an ISE – prey how much do marketing people get paid? Anyway – that’s what I’ve been using for all my demos to show the PowerShell stuff that...

Service Application Federation with SharePoint 2010

Yalls may be playing around with Service Application Federation with SharePoint 2010 with the shiny new SharePoint Server 2010 bits. This federation is also called publishing and consuming service applications, but as I’m spending a lot of my time of late in PowerPoint, I’m using the buzzword for the time being. However, with the RTM bits there is a fundamental missing piece that is not currently documented on Tech Net. Of course you need to exchange and install the necessary certificates as detailed here. However in order to make it work the consuming farm must have permissions to...

Article: In a Nutshell: SharePoint 2010 Service Applications

SharePoint 2010 includes a fundamental architectural change from the previous version with the introduction of “Service Applications”. This new architecture has extremely broad and deep consequences for SharePoint practitioners. Unfortunately Service Applications thus far have been poorly explained and documented, and already there are many myths surrounding them. This “In a Nutshell” article is an attempt to distil the core elements down to brass tacks. It is intended primarily for architects and administrators planning their farm topologies, but will also be useful for anyone working with SharePoint 2010. http://www.harbar.net/articles/sp2010sa2.aspx

Upcoming SharePoint Community Events

I’ll be participating in a few SharePoint Community Events over the next few weeks, for those interested the details are below. Wednesday 28th April (5pm – 6pm GMT) Online SharePoint MVP Expert MSDN Chat This is a new idea, and will be interesting to see how it goes. The general idea is for you to fling your questions about SharePoint 2010 at the panel of SharePoint MVP “experts”. A free online event via MSDN.   Wednesday 5th May (5.30pm till whenever) Microsoft, Waverly Gate Edinburgh SUGUK...

Article: Rational Guide to Implementing SharePoint Server 2010 User Profile Synchronization

There's a ton of stuff out there on User Profile Sync in SharePoint Server 2010. Some of it’s good, some of it’s frankly terrible. TechNet has some of the best material, but unfortunately TechNet’s format restrictions are counter-intuitive. Therefore this article presents an end to end, “rational guide” to setting this up. There are a couple of contentious setup requirements in here. I may discuss those in more depth later. For now, the following steps are required. Don’t try and work around them, UPS will break. The following is the least privilege you can get away with. This article will also be...

SharePoint 2010 Evolution demos update

For those that attended a couple of my presentations earlier in the week at the Evolution conference I hit a couple issues, both of which are pretty lame and embarrassing. At the time I promised to post an update here once I'd had the chance to look at the boxes again.   FBA login issue. this was purely a problem between keyboard and the stage. I was entering the passwords: Password1 and password. The correct password for John Coltrane was P@ssword1 – due to the complexity requirements of the ASPNETDB.  I don’t actually use FBA against ASPNETDB that...

SharePoint 2010 Evolution Conference Slide Decks

Here are the slides from my presentations at the SharePoint 2010 Evolutions Conference this week in London. I will be updating this page as we get through each day of the show. Monday IT101: Overview of what’s new in SharePoint 2010 for IT Pros (with Neil Hodgkinson). DD105: Multi-Tenancy in SharePoint 2010. Tuesday DD108: Claims based Authentication in SharePoint 2010. IT109: Configuring Managed Metadata Service (with Steve Smith). DEV111: Multilingual solutions with SharePoint 2010. Wednesday IT112: SharePoint 2010 Mythbusters. IT114: Configuring and managing User Profile Synchronization. ...

Crawling Kerberos Web Applications on non-default ports

Quite a long time ago there was a comedy to and fro regarding the non-ability of SharePoint Server 2007 to crawl (or index) Web Applications on non-default ports which had been configured to use Kerberos Authentication. The upshot was that you needed to have a non Kerberos site in the default zone for the purposes of crawling. The full details of this are posted over at TechNet: Configure Kerberos-authenticated sites for crawling. Now of course using non default ports is really rather silly, but it happens a lot. There was also some misinformation posted over on the To...

SharePoint 2010 and Kerberos

This is the first in a series of posts about using Kerberos with SharePoint 2010. This one is an easy introduction to using Kerberos for authentication in Classic Mode. My good buddy Ted Pattison likes to joke around with me that Kerberos is dead, thanks to the “new” world of claims based identity. But it is a joke! :) Kerberos is far from dead, and in many scenarios it is still the best choice for Authentication, if not Authorization within SharePoint 2010. For those of you who are fellow security geeks, you will know of course, that Kerberos is indeed...

SUGUK Manchester: Information Architecture for SharePoint Server

Earlier this week I presented a session at the SharePoint User Group UK Manchester event. Shout out to Mark Stokes for organising yet another great SUGUK event. This session was an introduction/overview of IA for SharePoint, and also highlighted the key new features in this realm within SharePoint Server 2010. For those interested you can download the slide deck below. Information Architecture for SharePoint Server

Groundhog Day: Configuring Back Connection Host Names using Group Policy

Quite some time ago I posted coverage of the DisableLoopbackCheck registry key and how it impacts SharePoint. It’s amazing just how often this comes up on the Interwebz. Scarily the common advice given is to turn this feature off. And that’s bad advice. In my original post I detailed why. In a nutshell: OK in test/dev, NOT OK in Production.  Yesterday my buddy Bob Fox posted a follow up, DisableLoopBackCheck? Let’s do it the right way. His post details how to configure a list of names which won’t be checked. This is all good, but what if you...

MUST READ: SharePoint’s Sasquatch Memory Leak

Over on the rather natty looking new blog from PFE extraordinaire Todd Carter, there are details of a serious issue with SharePoint that everyone should be familiar with. Check it out. Todd's Blog | SharePoint’s Sasquatch Memory Leak

TechNet Misinformation: How NOT to use Kerberos for SharePoint Authentication

I’m somewhat aggrieved this morning, as I found a new article from TechNet entitled “Using Kerberos for SharePoint Authentication”. Now while this article is not supposed to be the be all and end all it is very depressing that still now, in 2010, such inaccurate and in some cases 100% wrong information is being put out there by the vendor. This is especially true given the work I have done in this space over the last 18 months. So what’s wrong with it? Well one of the reasons people find this area difficult is nobody seems willing to...

Application Pool mis-configuration in SharePoint 2010

As I’ve previously detailed there is a significant oddity with how SharePoint 2010 Beta creates Application Pools in IIS for the hosting of Service Applications and especially the two most important services in your farm, the STS and Topology. As mentioned these application pools are named with GUIDs. Unfortunately when creating a Web Application, SharePoint 2010 uses the SharePoint only property Display Name for the STS application. The STS application is required as part of every SharePoint 2010 Web Application and lives at /_vti_bin/sts. As the Web Application is being provisioned SharePoint uses the display name, SecurityTokenServiceApplicationPool. This of course doesn’t exist...

Application Pool Manager v3 (for SharePoint 2010)

We are pleased to announce a new release of the popular Application Pool Manager. This version (v3) has been produced to support SharePoint 2010. We don’t have much in the way of fancy new features in this release, but we do have some good ideas for a future release around April and are always keen on other ideas we could incorporate. The most important thing about this release is that it is targeted at SharePoint 2010 only. As such it only supports IIS7. This has allowed us to remove all of the legacy IIS6 code and the shims necessary...

More on SharePoint 2010 Application Pools

Blimey! My recent post about worker processes generated a large number of follow up questions. Instead of answering all of these individually, this post will cover the details and perhaps be useful as a reference in the future. Before I get started there is one thing which perhaps is obvious, but needs to be made clear: SharePoint 2010 is a beta release. It is always possible that things change come the final RTM release. That’s the point of a beta really!:) I am going to assume the same setup characteristics from the example in the previous post. ...

Microsoft SharePoint Connections 2010, Amsterdam

I’m honoured to be one of the speakers at the upcoming SharePoint Connections 2010 event in Amsterdam, The Netherlands on the 18th and 19th January. It promises to be a great show with lots of great 2010 content and speakers. The general goal of the event is to deliver highlights from the SharePoint Conference earlier this year in Las Vegas to the European audience as well as offering significant networking opportunities. Its all going down at the RAI conference centre just outside Amsterdam city. The RAI isn’t a casino, but it is an excellent conference facility! I will presenting...

SharePoint Server 2010 Worker Processes

Recently a number of people have asked about the number of worker processes which are alive on a new install of SharePoint Server 2010 and the associated other processes which amongst other things increase the resource requirements (primarily RAM) for running SharePoint 2010 over SharePoint 2007. This post will explain the core changes here and what you can expect to see following the installation and farm configuration. As with SharePoint 2007, or any other .NET based web application for that matter, your implementation specifics will determine the number of and isolation and security characteristics of the processes running including...